package net.zjitc.controller.backend;

import net.zjitc.common.Const;
import net.zjitc.common.ServiceResponse;
import net.zjitc.pojo.User;
import net.zjitc.service.UserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;

/**
 * @author 赵静静
 * @date 2019/3/22 21:27
 */
@Controller
@RequestMapping("/manage/user/")
public class ManageUserController {
    @Autowired
    private UserService userService;

    @ResponseBody
    @RequestMapping(value = "login.do",method = RequestMethod.POST)
    public ServiceResponse<User> login(String username, String password, HttpSession session){
        ServiceResponse<User> response = userService.login(username, password);
        if (response.isSuccess()){
            User user = response.getData();
            if (user.getRole() == Const.Role.ROLE_ADMIN){
                user.setPassword(StringUtils.EMPTY);
                session.setAttribute(Const.CURRENT_USER,user);
                return response;
            }else {
                return ServiceResponse.createByErrorMessage("不是管理员，没有权限登录");
            }
        }
        return response;
    }
}
